VYPR
High severity7.5NVD Advisory· Published Dec 1, 2025· Updated May 18, 2026

CVE-2025-13836

CVE-2025-13836

Description

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

175

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.